Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-12 | CVE-2023-3710 | Command Injection vulnerability in Honeywell Pm43 Firmware Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. | 9.8 |
| 2023-09-12 | CVE-2023-39637 | Command Injection vulnerability in Dlink Dir-816 Firmware 1.10B05 D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis. | 9.8 |
| 2023-09-11 | CVE-2023-38829 | Command Injection vulnerability in Netis-Systems Wf2409E Firmware 3.6.42541 An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface. | 8.8 |
| 2023-09-11 | CVE-2023-39780 | Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. | 8.8 |
| 2023-09-05 | CVE-2023-4310 | Command Injection vulnerability in Beyondtrust Privileged Remote Access and Remote Support BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. | 9.8 |
| 2023-08-25 | CVE-2023-40796 | Command Injection vulnerability in Phicomm K2 Firmware 22.6.529.216 Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call. | 7.8 |
| 2023-08-25 | CVE-2023-25649 | Command Injection vulnerability in ZTE Mf286R Firmware Crlvwrgbmf286Rv1.0.0B04 There is a command injection vulnerability in a mobile internet product of ZTE. | 8.8 |
| 2023-08-24 | CVE-2023-39834 | Command Injection vulnerability in Pbootcms PbootCMS below v3.2.0 was discovered to contain a command injection vulnerability via create_function. | 9.8 |
| 2023-08-22 | CVE-2020-22570 | Command Injection vulnerability in Memcached 1.6.0/1.6.1/1.6.2 Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command. | 7.5 |
| 2023-08-22 | CVE-2023-23564 | Command Injection vulnerability in Geomatika Isigeo web 6.0 An issue was discovered in Geomatika IsiGeo Web 6.0. | 8.8 |